Tuesday, November 27, 2012

There are an awful lot of .local, .corp, and .lan Active Directory domains out there for many reasons. Sometimes, there is no easy way to change this due to things like Exchange, custom apps that integrate tightly with AD, or just the massive amount of testing that a domain rename requires. I can understand if you walk into a situation like this that you did not create, but please don't ever do this on a new domain.

The correct way to name an Active Directory domain is to create a subdomain that is the delegation of a parent domain that you have registered and have control over. As an example, if I ever started a consulting business and used the Internet-facing website mdmarra.com as my company's site, I should name my Active Directory domain ad.mdmarra.com or internal.mdmarra.com, or something similar. You want to avoid making up a TLD like .local and you also want to avoid the headache of using mdmarra.com for the Internet-facing zone and the internal zone.

Thursday, November 8, 2012

I recently had to track down a configuration issue between our production and dev environments. One of the first things that I looked at were installed hotfixes. Since we have a lot of dev machines that are supposed to mirror production, I decided to whip up a little PowerShell script to compare the installed hotfixes of the two servers.

I purposely do not name my employer here and any reference to it is stripped from scripts/code before it is posted. This blog and all related links and profiles are entirely my own. My opinions, beliefs, rants, etc are completely mine and are not indicative of the beliefs of my employer.